usb/186224: GPF in usbd_get_hr_func() on stable/9
Hans Petter Selasky
hps at bitfrost.no
Wed Jan 29 12:50:01 UTC 2014
The following reply was made to PR usb/186224; it has been noted by GNATS.
From: Hans Petter Selasky <hps at bitfrost.no>
To: Garrett Wollman <wollman at csail.mit.edu>,
FreeBSD-gnats-submit at freebsd.org
Cc:
Subject: Re: usb/186224: GPF in usbd_get_hr_func() on stable/9
Date: Wed, 29 Jan 2014 13:41:50 +0100
On 01/29/14 05:28, Garrett Wollman wrote:
>
>> Number: 186224
>> Category: usb
>> Synopsis: GPF in usbd_get_hr_func() on stable/9
>> Confidential: no
>> Severity: critical
>> Priority: high
>> Responsible: freebsd-usb
>> State: open
>> Quarter:
>> Keywords:
>> Date-Required:
>> Class: sw-bug
>> Submitter-Id: current-users
>> Arrival-Date: Wed Jan 29 04:30:00 UTC 2014
>> Closed-Date:
>> Last-Modified:
>> Originator: Garrett Wollman
>> Release: FreeBSD 9-stable amd64
>> Organization:
> MIT Computer Science & Artificial Intelligence Lab
>> Environment:
>
> (from svn info -- this is a newly built kernel)
> URL: svn://svn0.us-east.freebsd.org/base/stable/9
> Relative URL: ^/stable/9
> Revision: 261256
> Last Changed Author: mav
> Last Changed Rev: 261256
> Last Changed Date: 2014-01-28 21:39:44 -0500 (Tue, 28 Jan 2014)
>
> There are local changes, but none relevant to USB support.
>
> Hardware is a Quanta QSSC-S99Q. Under releng/9.2, USB hardware is identified
> as:
>
> uhci0: <Intel 82801JI (ICH10) USB controller USB-D> port 0xbc00-0xbc1f irq 23 at device 26.0 on pci0
> usbus0 on uhci0
> uhci1: <Intel 82801JI (ICH10) USB controller USB-E> port 0xb880-0xb89f irq 22 at device 26.1 on pci0
> usbus1 on uhci1
> uhci2: <Intel 82801JI (ICH10) USB controller USB-F> port 0xb800-0xb81f irq 21 at device 26.2 on pci0
> usbus2 on uhci2
> ehci0: <Intel 82801JI (ICH10) USB 2.0 controller USB-B> mem 0xdf3d6000-0xdf3d63ff irq 20 at device 26.7 on pci0
> usbus3: EHCI version 1.0
> usbus3 on ehci0
> uhci3: <Intel 82801JI (ICH10) USB controller USB-A> port 0xb480-0xb49f irq 23 at device 29.0 on pci0
> usbus4 on uhci3
> uhci4: <Intel 82801JI (ICH10) USB controller USB-B> port 0xb400-0xb41f irq 22 at device 29.1 on pci0
> usbus5 on uhci4
> uhci5: <Intel 82801JI (ICH10) USB controller USB-C> port 0x7c00-0x7c1f irq 21 at device 29.2 on pci0
> usbus6 on uhci5
> ehci1: <Intel 82801JI (ICH10) USB 2.0 controller USB-A> mem 0xdf3d4000-0xdf3d43ff irq 23 at device 29.7 on pci0
> usbus7: EHCI version 1.0
> usbus7 on ehci1
> usbus0: 12Mbps Full Speed USB v1.0
> usbus1: 12Mbps Full Speed USB v1.0
> usbus2: 12Mbps Full Speed USB v1.0
> usbus3: 480Mbps High Speed USB v2.0
> ugen0.1: <Intel> at usbus0
> uhub0: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0
> ugen1.1: <Intel> at usbus1
> uhub1: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus1
> ugen2.1: <Intel> at usbus2
> uhub2: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus2
> ugen3.1: <Intel> at usbus3
> uhub3: <Intel EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus3
> usbus4: 12Mbps Full Speed USB v1.0
> usbus5: 12Mbps Full Speed USB v1.0
> usbus6: 12Mbps Full Speed USB v1.0
> usbus7: 480Mbps High Speed USB v2.0
> ugen4.1: <Intel> at usbus4
> uhub4: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus4
> ugen5.1: <Intel> at usbus5
> uhub5: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus5
> ugen6.1: <Intel> at usbus6
> uhub6: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus6
> ugen7.1: <Intel> at usbus7
> uhub7: <Intel EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus7
> ugen3.2: <American Megatrends Inc.> at usbus3
> uhub8: <Hub Interface> on usbus3
> ugen3.3: <American Megatrends Inc.> at usbus3
> ukbd0: <Keyboard Interface> on usbus3
> ums0: <Mouse Interface> on usbus3
>
>> Description:
>
> Kernel panics with a GPF in interrupt-driven part of boot process:
>
> usbus0: 12Mbps Full Speed USB v1.0
> usbus1: 12Mbps Full Speed USB v1.0
> usbus2: 12Mbps Full Speed USB v1.0
> usbus3: 480Mbps High Speed USB v2.0
> ugen0.1: <Intel> at usbus0
> uhub0: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0
> ugen1.1: <Intel> at usbus1
> uhub1: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus1
> ugen2.1: <Intel> at usbus2
> uhub2: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus2
> ugen3.1: <Intel> at usbus3
> uhub3: <Intel EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus3
> usbus4: 12Mbps Full Speed USB v1.0
> usbus5: 12Mbps Full Speed USB v1.0
> usbus6: 12Mbps Full Speed USB v1.0
> usbus7: 480Mbps High Speed USB v2.0
> ugen4.1: <Intel> at usbus4
> uhub4: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus4
> ugen5.1: <Intel> at usbus5
> uhub5: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus5
> ugen6.1: <Intel> at usbus6
> uhub6: <Intel UHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus6
> ugen7.1: <Intel> at usbus7
> uhub7: <Intel EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus7
> uhub0: 2 ports with 2 removable, self powered
> uhub1: 2 ports with 2 removable, self powered
> uhub2: 2 ports with 2 removable, self powered
> uhub4: 2 ports with 2 removable, self powered
> uhub5: 2 ports with 2 removable, self powered
> uhub6: 2 ports with 2 removable, self powered
> ipmi0: IPMI device rev. 1, firmware rev. 1.03, version 2.0
> ipmi0: Number of channels 2
> ipmi0: Attached watchdog
> uhub3: 6 ports with 6 removable, self powered
> uhub7: 6 ports with 6 removable, self powered
> ugen3.2: <American Megatrends Inc.> at usbus3
> uhub8: <Hub Interface> on usbus3
> failure at /usr/src-9-stable/sys/dev/mps/mps_sas_lsi.c:667/mpssas_add_device()! Could not get ID for device with handle 0x0010
> mpssas_fw_work: failed to add device with handle 0x10
> uhub8: 3 ports with 3 removable, self powered
>
>
> Fatal trap 9: general protection fault while in kernel mode
> cpuid = 0; apic id = 00
> instruction pointer = 0x20:0xffffffff804b6929
> stack pointer = 0x28:0xffffff945a8a39d0
> frame pointer = 0x28:0xffffff945a8a39e0
> code segment = base 0x0, limit 0xfffff, type 0x1b
> = DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags = interrupt enabled, resume, IOPL = 0
> current process = 15 (usbus6)
> trap number = 9
> panic: general protection fault
> cpuid = 0
> KDB: stack backtrace:
> db_trace_self_wrapper() at db_trace_self_wrapper+0x2a/frame 0xffffff945a8a34f0
> kdb_backtrace() at kdb_backtrace+0x37/frame 0xffffff945a8a35b0
> panic() at panic+0x1ce/frame 0xffffff945a8a36b0
> trap_fatal() at trap_fatal+0x290/frame 0xffffff945a8a3710
> trap() at trap+0x241/frame 0xffffff945a8a3910
> calltrap() at calltrap+0x8/frame 0xffffff945a8a3910
> --- trap 0x9, rip = 0xffffffff804b6929, rsp = 0xffffff945a8a39d0, rbp = 0xffffff945a8a39e0 ---
> usbd_get_hr_func() at usbd_get_hr_func+0x29/frame 0xffffff945a8a39e0
> usbd_do_request_flags() at usbd_do_request_flags+0x18e/frame 0xffffff945a8a3aa0
> usbd_req_get_port_status() at usbd_req_get_port_status+0x43/frame 0xffffff945a8a3ad0
> uhub_read_port_status() at uhub_read_port_status+0x2d/frame 0xffffff945a8a3b10
> uhub_explore() at uhub_explore+0xc9/frame 0xffffff945a8a3b80
> usb_bus_explore() at usb_bus_explore+0xcb/frame 0xffffff945a8a3bb0
> usb_process() at usb_process+0xd3/frame 0xffffff945a8a3be0
> fork_exit() at fork_exit+0x11f/frame 0xffffff945a8a3c30
> fork_trampoline() at fork_trampoline+0xe/frame 0xffffff945a8a3c30
> --- trap 0, rip = 0, rsp = 0xffffff945a8a3cf0, rbp = 0 ---
>
>> How-To-Repeat:
>
> Try to boot a stable/9 kernel on my Quanta hardware
>
Hi,
All USB devices should have a valid bus, methods and roothub_exec
pointers. You can try adding some printfs, to see what the values of the
"udev->bus->methods->roothub_exec" fields are, as shown in the code below:
The code in question "sys/dev/usb/usb_request.c":
else if (udev->parent_hub == NULL)
16: 31 c0 xor %eax,%eax
18: 48 83 bf 60 01 00 00 cmpq $0x0,0x160(%rdi)
1f: 00
20: 75 f2 jne 14 <usbd_get_hr_func+0x14>
return (udev->bus->methods->roothub_exec);
22: 48 8b 97 50 01 00 00 mov 0x150(%rdi),%rdx
29: 48 8b 82 40 05 00 00 mov 0x540(%rdx),%rax
30: 48 8b 00 mov (%rax),%rax
else
According to your backtrace "udev->bus" is corrupted somehow.
--HPS
More information about the freebsd-usb
mailing list